Book Image

Learning zANTI2 for Android Pentesting

By : Miroslav Vitula
Book Image

Learning zANTI2 for Android Pentesting

By: Miroslav Vitula

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Learning zANTI2 for Android Pentesting
Miroslav Vitula
Aug, 2015 | 134 pages
No titles found
Table of Contents (12 chapters)
Learning zANTI2 for Android Pentesting
Learning zANTI2 for Android Pentesting
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introducing Android Pentesting with zANTI2
Introducing Android Pentesting with zANTI2
Penetration testing
zANTI2
Zetasploit
Summary
2
Scanning for Your Victim
Scanning for Your Victim
Network discovery
Open or closed?
Scan types
Run script
Intense scan
Device type
Running
OS CPE
OS Details
Network distance
Uptime guess
TCP sequence prediction
IP ID sequence generation
Ping scan
Quick scan and OS detection
Quick traceroute
Slow comprehensive scan
IP/ICMP scan
Script execution
Brute-force scripts
Summary
3
Connecting to Open Ports
Connecting to Open Ports
Open ports
Connecting to open ports
Cracking passwords
Microsoft-DS port connection
A remote desktop connection
Summary
4
Vulnerabilities
Vulnerabilities
A vulnerability
Reverse engineering
Shellshock
SSL Poodle
Zetasploit exploits
Summary
5
Attacking – MITM Style
Attacking – MITM Style
Man in the middle?
MITM attacks through zANTI2
Summary
Index
Index

Microsoft-DS port connection

The Microsoft-DS file-sharing port with number 445 is one of the biggest targets for hackers. This port is type SMB (Server Message Block), meaning it operates as an application-layer network protocol and is mainly used for providing shared access to files, printers, and whatnot. This is one of the reasons this port is a favorite place for hackers—it allows the transfer of malicious content to remote machines:

Port 445 has been present in Windows systems since Windows 2000 and for most of the time stays open, which exposes the target to worms such as W32.Deloder or Iraqi worm, and of course, makes it vulnerable to the power of zANTI2.

After selecting the port you will be prompted (again) for a Username with a Password. These credentials are the same as the ones used to log in to your Windows station:

If these credentials are unknown to you, use the password-complexity audit once again to attempt to crack the password. Instead of applying the attack against the SSH...

Previous Section
End of Section 5
Next Section